Professional Documents
Culture Documents
Juniper sa2000_4000_6000
Juniper sa2000_4000_6000
Juniper sa2000_4000_6000
flexibility. The result provides ubiquitous The Juniper Networks SA 4000 SSL VPN enables mid-to-large size organizations to
provide cost effective remote employee and partner extranet access using only a
security for all enterprise tasks with options for Web browser. The SA 4000 appliances feature rich access privilege management
functionality that can be used to create secure customer/partner extranets. This
increasingly stringent levels of access control functionality also allows the enterprise to secure access to the corporate intranet, so
to protect the most sensitive applications and that different employee and visitor populations can utilize exactly the resources that
they need while adhering to enterprise security policies. Built-in compression for all
data. Juniper Networks Secure Access appliances traffic types speeds performance, and hardware-based SSL acceleration is available for
more demanding environments. The SA 4000 also offers High-Availability (HA) with
deliver lower total cost of ownership over
seamless user failover.
traditional IPSec client solutions and unique The Juniper Networks SA 6000 SSL VPN is purpose-built for large enterprises and
end-to-end security features. service providers. It features best-in-class performance, scalability, and redundancy
for organizations with high volume secure access and authorization requirements.
Additionally, the SA 6000 offers High Availability (HA) with seamless user failover. The
SA 6000 hardware platform, complete with multi-unit clustering options, is designed
to scale to the largest enterprise deployments, with available redundant hot swappable
hard disks, power supplies, and fans, as well as GBIC-based multiple Ethernet ports for
redundant or meshed configurations. The SA 6000 also features a built-in compression
for web and files, and a state-of-the-art SSL acceleration chipset to speed CPU-intensive
encrypt/decrypt processes.
2
Multiple Hostname Support Ability to host different virtual extranet Web sites from a Saves the cost of incremental servers, eases management
(Advanced Software Feature Set) single SA appliance overhead, and provides a transparent user experience with
differentiated entry URLs
Customizable User Interface Creation of completely customized sign-on pages Provides an individualized look for specified roles,
(Advanced Software Feature Set) streamlining the user experience
Juniper Networks Central Manager Intuitive Web-based UI for configuring, updating, and Conveniently manage, configure, and maintain SA appliances
(Advanced Software Feature Set) monitoring SA appliances within a single device/cluster or from one central location
across a global cluster deployment
“In Case of Emergency” (ICE) Provides licenses for a large number of additional users on Enables a company to continue business operations by
a SA SSL VPN appliance for a limited time when a disaster maintaining productivity, sustaining partnerships, and
or epidemic occurs delivering continued services to customers when the
unexpected happens
Cross-platform Support Ability for any platform to gain access to resources Provides flexibility in allowing users to access corporate
(e.g., Windows, Mac, Linux, mobile devices) resources from any type of device using any type of
operating system
User Self-Service
The SA 2000, SA 4000, and SA 6000 offer comprehensive password management features. These features increase end user productivity,
greatly simplify administration of large diverse user resources, and significantly reduce the number of help desk calls.
Feature Feature Description Benefit
Password Management Integration Standards-based interface for extensive integration with Leverage existing servers to authenticate users; users can
password policies in directory stores (LDAP, Microsoft Active manage their passwords directly through the SA interface
Directory, NT, etc.)
Web-based Single Sign-On (SSO) Allows users to access other applications or resources Alleviates the need for end users to enter and maintain
Basic Authentication and NTLM that are protected by another access management system multiple sets of credentials for Web-based and Microsoft
without re-entering login credentials applications
Web-based SSO Ability to pass user name, credentials, and other customer- Enhances user productivity and provides a customized
Forms-based, Header defined attributes to the authentication forms of other experience
Variable-based, SAML-based products and as header variables
(Advanced Feature Set)
Provision by Purpose
The SA 2000, SA 4000 and SA 6000 include three different access methods. These different methods are selected as part of the user’s role,
so the administrator can enable the appropriate access on a per-session basis, taking into account user, device, and network attributes in
combination with enterprise security policies.
Feature Feature Description Benefit
Clientless Core Web Access Access to Web-based applications, including complex Provides the most easily accessible form of application
JavaScript, XML, or Flash-based apps and Java applets that and resource access from a variety of end-user machines,
require a socket connection, as well as standards-based including handheld devices, and enables extremely granular
e-mail, Windows and UNIX file share, telnet/SSH hosted- security control options. Completely clientless approach
applications, Citrix and Windows Terminal Services, Terminal using only a web browser
Emulation, etc.
Secure Application Manager (SAM) A lightweight Java or Windows-based download enabling Enables access to client/server applications using just a
(SAMNC License) access to client/server applications web browser; also provides native access to terminal server
applications without the need for a pre-installed client
Network Connect (NC) Provides complete network-layer connectivity via an Users need only a Web browser; Network Connect
(SAMNC License) automatically provisioned cross-platform download; Windows transparently selects between two possible transport
Logon/GINA integration for domain single sign-on (SSO); methods, to automatically deliver the highest performance
installer services to mitigate need for admin rights possible for every network environment; when used with
Juniper Installer Services, no admin rights needed to install,
run, and upgrade Network Connect; optional stand-alone
installation available as well
ICE Option • Sustain partnerships with around the clock real-time access to
applications and services while knowing resources are secured
SSL VPNs can help to keep organizations and businesses
and protected
functioning by connecting people even during the most
unpredictable circumstances – hurricanes, terrorist attacks, • Continue to deliver exceptional service to customers and partners
with online collaboration
transportation strikes, pandemics or virus outbreaks, the result of
which could mean the quarantine or isolation of entire regions or • Meet federal and government mandates for contingencies and
groups of people for an extended period of time. With the right continuity of operations (COOP) compliance
balance of risk and cost, the new Juniper Networks Secure Access • Balance risk and scalability with cost and ease of deployment
ICE offering delivers a timely solution for addressing a dramatic The ICE license is available for the SA4000 and the SA6000 and
peak in demand for remote access to ensure business continuity includes all of the following features:
whenever a disastrous event strikes. ICE provides licenses for a
large number of additional users on a Secure Access SSL VPN • Baseline
appliance for a limited time. With ICE, businesses can: • Advanced
• Maintain productivity by enabling ubiquitous access to • Secure Application Manager and Network Connect
applications and information for employees from anywhere, • Secure Meeting
anytime, and any device • SSL Acceleration
Specifications
SA 2000 SA 4000 SA 6000
Panel Display
Front Panel Power Button Yes Yes Yes
Power LED, HD Activity, Temp Yes Yes Yes
PS Fail No No Yes
HDD Activity and RAID Status LEDs No No Yes
Ports
Traffic Two RJ-45 Ethernet – Two RJ-45 Ethernet – Two RJ-45 Ethernet –
10/100/1000 full or half-duplex 10/100/1000 full or half-duplex 10/100/1000 full or half-duplex
(auto-negotiation) (auto-negotiation) (auto-negotiation)
Two SFP ports – Gig-E
Management N/A N/A One RJ-45 Ethernet-10/100/1000 full
or half-duplex (auto-negotiation)
Fast Ethernet IEEE 802.3u compliant IEEE 802.3u compliant IEEE 802.3u compliant
Gigabit Ethernet IEEE 802.3z or IEEE 802.3ab compliant IEEE 802.3z or IEEE 802.3ab compliant IEEE 802.3z or IEEE 802.3ab compliant
Console One 9-pin serial console port One 9-pin serial console port One 9-pin serial console port
Environment
Operating Temperature 50° to 95° F (10° to 35° C) 50° to 95° F (10° to 35° C) 50° to 104° F (10° to 40° C)
Storage Temperature -40° to 158° F (-40° to 70° C) -40° to 158° F (-40° to 70° C) -40° to 158° F (-40° to 70° C)
Relative Humidity (Operating) 8% to 90% noncondensing 8% to 90% noncondensing 8% to 90% noncondensing
Relative Humidity (Storage) 5% to 95% noncondensing 5% to 95% noncondensing 5% to 95% noncondensing
Altitude (Operating) -50 to 10,000 ft (3,000 m) -50 to 10,000 ft (3,000 m) -50 to 10,000 ft (3,000 m)
Altitude (Storage) -50 to 35,000 ft (10,600 m) -50 to 35,000 ft (10,600 m) -50 to 35,000 ft (10,600 m)
7
Specifications
SA 2000 SA 4000 SA 6000
Certifications
Safety Certifications EN60950-1:2001+ A11, EN60950-1:2001+ A11, EN60950-1:2001+ A11,
UL60950-1:2003, CSA C22.2 No. 60950-1, UL60950-1:2003, CSA C22.2 No. 60950-1, UL60950-1:2003, CSA C22.2 No. 60950-1,
IEC 60950-1:2001 IEC 60950-1:2001 IEC 60950-1:2001
Emissions Certifications FCC Class A, VCCI Class A, CE class A FCC Class A, VCCI Class A, CE class A FCC Class A, VCCI Class A, CE class A
Common Criteria EAL2 Certification Yes Yes Yes
FIPS Option (140-2, Level 3 Certification) No Yes Yes
Warranty 90 days; 90 days; 90 days;
Can be extended with support contract Can be extended with support contract Can be extended with support contract
Ordering Information
Secure Access 2000 Base System Secure Access 4000 Feature Licenses (cont’d)
SA2000 Secure Access 2000 Base System SA-AED-ADD-250U Advanced Endpoint Defense: Malware Protection
- Add 250 simultaneous users
Secure Access 2000 User Licenses SA-AED-ADD-500U Advanced Endpoint Defense: Malware Protection
SA2000-ADD-25U Add 25 simultaneous users to SA 2000 - Add 500 simultaneous users
SA2000-ADD-50U Add 50 simultaneous users to SA 2000 Secure Access 4000 Clustering Licenses
SA2000-ADD-100U Add 100 simultaneous users to SA 2000
SA4000-CL-50U Clustering: Allow 50 additional users to be shared from
Secure Access 2000 Feature Licenses another SA 4000
SA4000-CL-100U Clustering: Allow 100 additional users to be shared from
SA2000-SAMNC Secure Application Manager and Network Connect for SA 2000 another SA 4000
SA2000-ADV Advanced for SA 2000 SA4000-CL-250U Clustering: Allow 250 additional users to be shared from
SA2000-MTG Secure Meeting for SA 2000 another SA 4000
SA-AED-ADD-50U Advanced Endpoint Defense: Malware Protection SA4000-CL-500U Clustering: Allow 500 additional users to be shared from
- Add 50 simultaneous users another SA 4000
SA-AED-ADD-100U Advanced Endpoint Defense: Malware Protection SA4000-CL-1000U Clustering: Allow 1000 additional users to be shared from
- Add 100 simultaneous users another SA 4000
Secure Access 2000 Clustering Licenses Secure Access 6000 Base System
SA2000-CL-25U Clustering: Allow 25 additional users to be shared from SA6000 Secure Access 6000 Base System
another SA 2000
SA2000-CL-50U Clustering: Allow 50 additional users to be shared from Secure Access 6000 User Licenses
another SA 2000 SA6000-ADD-100U Add 100 simultaneous users to SA 6000
SA2000-CL-100U Clustering: Allow 100 additional users to be shared from SA6000-ADD-250U Add 250 simultaneous users to SA 6000
another SA 2000
SA6000-ADD-500U Add 500 simultaneous users to SA 6000
Secure Access 4000 Base System SA6000-ADD-1000U Add 1000 simultaneous users to SA 6000
SA6000-ADD-2500U Add 2500 simultaneous users to SA 6000
SA4000 Secure Access 4000 Base System
SA6000-ADD-5000U Add 5000 simultaneous users to SA 6000
Secure Access 4000 User Licenses SA6000-ADD-7500U* Add 7500 simultaneous users to SA 6000
SA4000-ADD-50U Add 50 simultaneous users to SA 4000 SA6000-ADD-10000U* Add 10000 simultaneous users to SA 6000
SA4000-ADD-100U Add 100 simultaneous users to SA 4000 SA6000-ADD-12500U* Add 12500 simultaneous users to SA 6000
SA4000-ADD-250U Add 250 simultaneous users to SA 4000 SA6000-ADD-15000U* Add 15000 simultaneous users to SA 6000
SA4000-ADD-500U Add 500 simultaneous users to SA 4000 *Multiple SA 6000s required
SA4000-ADD-1000U Add 1000 simultaneous users to SA 4000 Secure Access 6000 Feature Licenses
Secure Access 4000 Feature Licenses SA6000-SAMNC Secure Application Manager and Network Connect for SA 6000
SA4000-SAMNC Secure Application Manager and Network Connect for SA 4000 SA6000-ADV Advanced for SA 6000
SA4000-ADV Advanced for SA 4000 SA6000-MTG Secure Meeting for SA 6000
SA4000-MTG Secure Meeting for SA 4000 SA6000-IVS Instant Virtual System for SA 6000
SA4000-SSL SSL Acceleration License for SA 4000 SA-AED-ADD-50U Advanced Endpoint Defense: Malware Protection
SA4000-IVS Instant Virtual System for SA 4000 - Add 50 simultaneous users
SA-AED-ADD-50U Advanced Endpoint Defense: Malware Protection SA-AED-ADD-100U Advanced Endpoint Defense: Malware Protection
- Add 50 simultaneous users - Add 100 simultaneous users
SA-AED-ADD-100U Advanced Endpoint Defense: Malware Protection SA-AED-ADD-250U Advanced Endpoint Defense: Malware Protection
- Add 100 simultaneous users - Add 250 simultaneous users
Ordering Information (cont’d)
Secure Access 6000 Feature Licenses (cont’d) Accessories
SA-AED-ADD-500U Advanced Endpoint Defense: Malware Protection SA6000-PS Field Upgradeable Secondary Power Supply for SA 6000
- Add 500 simultaneous users SA6000-HD Field Upgradeable Secondary Hard Disk for SA 6000
SA-AED-ADD-1000U Advanced Endpoint Defense: Malware Protection SA6000-MEM Field Upgradeable (by authorized VAR only)
- Add 1000 simultaneous users Additional 2 GB Memory for SA 6000
SA-AED-ADD-2500U Advanced Endpoint Defense: Malware Protection SA6000-FAN Field Replaceable Fan for SA 6000
- Add 2500 simultaneous users
SA-ACC-RCKMT-KIT-1U Spare Secure Access Rack Mount Kit-1U
Secure Access 6000 Clustering Licenses SA-ACC-RCKMT-KIT-2U Spare Secure Access Rack Mount Kit-2U
SA-ACC-PWR-AC-USA Spare Secure Access AC Power Cord USA
SA6000-CL-100U Clustering: Allow 100 additional users to be shared from
another SA 6000 SA-ACC-PWR-AC-UK Spare Secure Access AC Power Cord UK
SA6000-CL-250U Clustering: Allow 250 additional users to be shared from SA-ACC-PWR-AC-EUR Spare Secure Access AC Power Cord EUR
another SA 6000 SA-ACC-PWR-AC-JPN Spare Secure Access AC Power Cord JPN
SA6000-CL-500U Clustering: Allow 500 additional users to be shared from SA6000-GBIC-FSX GBIC Transceiver-Fiber SX for SA 6000
another SA 6000 SA6000-GBIC-FLX GBIC Transceiver-Fiber LX for SA 6000
SA6000-CL-1000U Clustering: Allow 1000 additional users to be shared from SA6000-GBIC-COP GBIC Transceiver-Copper for SA 6000
another SA 6000
SA6000-CL-2500U Clustering: Allow 2500 additional users to be shared from
another SA 6000
About Juniper Networks
SA6000-CL-5000U Clustering: Allow 5000 additional users to be shared from
another SA 6000 Juniper Networks, Inc. is the leader in high-performance
SA6000-CL-7500U Clustering: Allow 7500 additional users to be shared from networking. Juniper offers a high-performance network
another SA 6000 infrastructure that creates a responsive and trusted environment
SA6000-CL-10000U Clustering: Allow 10000 additional users to be shared from for accelerating the deployment of services and applications over a
another SA 6000 single network. This fuels high-performance businesses. Additional
SA6000-CL-12500U Clustering: Allow 12500 additional users to be shared from information can be found at www.juniper.net.
another SA 6000
SA6000-CL-15000U Clustering: Allow 15000 additional users to be shared from
another SA 6000
CORPORATE HEADQUARTERS EUROPE, MIDDLE EAST, AFRICA EAST COAST OFFICE ASIA PACIFIC REGIONAL SALES HEADQUARTERS
AND SALES HEADQUARTERS FOR REGIONAL SALES HEADQUARTERS Juniper Networks, Inc. Juniper Networks (Hong Kong) Ltd.
NORTH AND SOUTH AMERICA Juniper Networks (UK) Limited 10 Technology Park Drive 26/F, Cityplaza One
Juniper Networks, Inc. Building 1 Westford, MA 01886-3146 USA 1111 King’s Road
1194 North Mathilda Avenue Aviator Park Phone: 978.589.5800 Taikoo Shing, Hong Kong
Sunnyvale, CA 94089 USA Station Road Fax: 978.589.0800 Phone: 852.2332.3636
Phone: 888.JUNIPER (888.586.4737) Addlestone Fax: 852.2574.7803
or 408.745.2000 Surrey, KT15 2PG, U.K.
Fax: 408.745.2100 Phone: 44.(0).1372.385500
www.juniper.net Fax: 44.(0).1372.385501
Copyright 2008 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper
Networks logo, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc.
in the United States and other countries. JUNOS and JUNOSe are trademarks of Juniper To purchase Juniper Networks solutions, please
Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service
marks are the property of their respective owners. Juniper Networks assumes no responsibility contact your Juniper Networks sales representative
for any inaccuracies in this document. Juniper Networks reserves the right to change, modify,
transfer, or otherwise revise this publication without notice.
at 1-866-298-6428 or authorized reseller.
100189-006 Feb 2008